TSS Security Engineer, SIEM Platform

Overview

About Moon Pay Moon Pay is here to onboard the world to the decentralized economy by making digital money move as universally and effortlessly as the internet.

Moon Pay is a unified payments platform for digital currency. We make it easy for anyone, anywhere, to buy, sell, swap and pay in digital currencies as easy as sending an email. We focus on reducing complexity so people can participate confidently, without needing to be crypto experts. We power the entire flow between fiat and crypto end to end, with compliance, identity checks, fraud prevention, and settlement built in.

This end-to-end approach reflects how we work internally: with accountability, rigor, and trust built into everything we ship.

Locations Supported US, New York

Relocation available:
No

Work pattern:
This role will be hybrid (we expect you in our New York office 2–3 days per week).

The Security Operations (Sec Ops) team at Moon Pay is dedicated to ensuring the security and integrity of our systems and data in a complex digital landscape. Our multicultural team brings together a wealth of expertise to tackle security challenges effectively. Our mission is to identify and mitigate vulnerabilities and threats while maintaining strict compliance with security policies and relevant regulations.

By leveraging advanced security measures and proactive threat detection, we safeguard our infrastructure and customers’ information. We foster a culture of security awareness across the company, ensuring everyone understands their role in maintaining a secure environment.

Our key responsibilities include incident response, security monitoring, endpoint security, VPN, vulnerability management, and third-party risk management (TPRM).

Join us in our commitment to security excellence and help build a safer future in the blockchain and payments industry.

As a Security Engineer, SIEM Platform
, you will lead the design, implementation, and continuous improvement of our Google Sec Ops (Chronicle) platform in a demanding and fast-paced environment. You will work closely with project managers, security engineers, and key stakeholders to deliver scalable SIEM/SOAR capabilities—while also serving as an L2 Incident Responder, leading investigations end-to-end and enabling the SOC Team through runbooks and operational guidance. This role blends platform engineering (integration, automation, performance, detection content) with hands-on security operations (triage, investigation, response leadership).

• Integration of Google Sec Ops SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems
• Write custom actions, scripts and/or integrations to extend SIEM platform functionality
• Creation of SIEM assets such as: detection rules using YARA-L, dashboards, parsers
• Extension of pre-built UDMs in Google Sec Ops and creation of custom parsers where required for log sources
• Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards
• Monitor performance and scale SIEM deployment
• Creation of custom SIEM dashboards to meet security requirements
• Debug and solve customer issues in ingestion, parsing, normalization of data
• Develop SOAR playbooks for case handling and Incident response per triage needs
• Design and implement solutions to handle alert fatigue in SIEM correlation

• Actively participate in Security Operations activities as an L2 Incident Responder
• Lead incidents through all stages: identification, containment, eradication, recovery, and lessons learned
• Serve as the primary point of contact for the SOC regarding SIEM investigations, platform behavior, detection logic, and operational troubleshooting
• Support continuous improvement by translating incident learnings into better detections, dashboards, and playbooks

• Minimum 2-3 years in Cybersecurity, ideally security operations or security operation center
• Expertise in incident management, SIEM, DLP, threat intelligence, VPN, and email security
• Google Sec…